Description :
This script deletes whole registry key or registry value.
RV - When you want to delete registry value ,pass both reg value and key name in "reg_path","reg_key" in list example: reg_path=[r'HKLM\test1',r'HKLM\test2'] and reg_key=['test1','test2']
RK- When you want to delete whole key with values and other sub keys with values ,pass only "reg_path" in list example : reg_path=[r'HKLM\test1',r'HKLM\test2']
Note:
Run as Local System user
import os
import ctypes
delete_type="RK"#RV-Registry value,RK-Registry Key
reg_path=[r'HKCU\test',r'HKCU\dig']
reg_key=['test','test2']
def reg_rv(reg_path,reg_key):
cmd='REG DELETE "%s" /v %s /f'%(reg_path,reg_key)
print cmd
return os.popen(cmd).read()
def reg_rk(reg_path):
cmd='REG DELETE "%s" /f'%(reg_path)
print cmd
return os.popen(cmd).read()
class disable_file_system_redirection:
_disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection
_revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection
def __enter__(self):
self.old_value = ctypes.c_long()
self.success = self._disable(ctypes.byref(self.old_value))
def __exit__(self, type, value, traceback):
if self.success:
self._revert(self.old_value)
with disable_file_system_redirection():
try:
if delete_type=="RK":
for i in reg_path:
reg_rk(i)
else:
for i in zip(reg_path,reg_key):
reg_rv(i[0],i[1])
except Exception as E:
print E
Comments